If you're building workflows in n8n that need to talk to APIs requiring token-based authentication, you’ll want to use bearer tokens. It's one of the simplest and most secure authentication methods for APIs. Whether you’re integrating a custom REST API or setting up communication with services like Airtable, Notion, or HubSpot, understanding how to configure bearer authentication in n8n will streamline your automation efforts.
This n8n bearer auth guide walks you through everything: what bearer authentication is, why you might need it, and exactly how to set it up in n8n, even if you're new to the platform.
What Is Bearer Authentication?
Bearer authentication is a type of HTTP authentication where a token (known as a bearer token) is sent in the request header. This token is typically a secret key that gives access to the API on behalf of a user or application.
The typical request looks like this:
Authorization: Bearer YOUR_TOKEN_HERE
APIs that use bearer auth usually issue tokens via OAuth2, API keys, or some manual process. In n8n, you can easily pass this token in the HTTP Request node’s headers.
When Should You Use Bearer Authentication in n8n?
Here are common scenarios where setting up bearer authentication is necessary:
- Accessing APIs that require access tokens (e.g., custom-built services or SaaS tools)
- Integrating with tools like Airtable or Notion that issue bearer tokens for API access
- Testing endpoints that require secure authorization without implementing full OAuth2 flows
If you're self-hosting n8n or setting up cloud-based automations, including bearer tokens in requests can give you full control with minimal friction.
Setting Up Bearer Token Authentication in n8n
Step 1: Get Your Bearer Token
Before anything, you’ll need to retrieve a valid token from the service you’re trying to integrate. This could be:
- An API key issued by a service like Notion or Shopify
- A personal access token from a developer account
- A short-lived bearer token obtained via OAuth2 (though OAuth2 requires extra configuration in n8n)
For this guide, assume you've copied your token and are ready to use it.
Step 2: Use the HTTP Request Node
The HTTP Request node in n8n is the most flexible way to use bearer authentication. Here’s how to configure it:
- Add an HTTP Request node to your workflow.
- In the Method dropdown, select your request type, e.g.,
GETorPOST. - In the URL field, enter the endpoint you want to call.
- Scroll to the Headers section and add a new header:
- Name:
Authorization - Value:
Bearer YOUR_TOKEN_HERE
- Name:
Make sure to replace YOUR_TOKEN_HERE with the actual token you copied earlier.
💡 Tip: You can also use an environment variable or n8n credential to avoid hardcoding your sensitive token.
Step 3: Test Your Request
Click “Execute Node” and verify the response. If the token is valid and the endpoint is accessible, you should see a successful HTTP response (usually a 200 or 201 status).
If you get a 401 Unauthorized or 403 Forbidden, double-check:
- The token value
- That the API endpoint is correct
- If any extra headers (like
Content-Type) are needed
Optional: Use Variables or Credentials for Security
To make your workflow more secure and reusable, avoid hardcoding the token. Here are two safer methods:
Use Environment Variables
If you're self-hosting n8n, use environment variables in your headers:
- Set
MY_API_TOKEN=abcdef123456in your.envfile - In n8n, use this syntax in the header value:
{{ $env.MY_API_TOKEN }}And the header becomes:
Authorization: Bearer {{ $env.MY_API_TOKEN }}
Use the Credentials Feature in n8n
- From the sidebar, go to Credentials → Create New → Choose HTTP Basic Auth (if supported) or use Generic Credential Type (for transforming headers).
- Define a custom credential or fixed token.
- Reference the credential directly in your HTTP Request node.
Using credentials is recommended when you build workflows for production or teams, as it allows safer token management.
Example: Connect to Notion API Using Bearer Auth
Many platforms like Notion require bearer tokens. Here’s a mini use case:
-
Retrieve your Notion integration token.
-
Use it like:
- Method: GET
- URL:
https://api.notion.com/v1/databases - Headers:
- Authorization:
Bearer YOUR_NOTION_TOKEN - Notion-Version:
2022-06-28 - Content-Type:
application/json
- Authorization:
Once set, executing the node will list databases available in your Notion account.
Want more on this? Check out our Notion and n8n integration guide for end-to-end automation examples.
Use Cases Where Bearer Token Auth Shines
Bearer tokens in n8n allow secure and efficient workflows like:
- Syncing data from Google Sheets, Airtable, or Notion
- Automatically posting to CRMs like HubSpot or Salesforce
- Triggering custom internal APIs from your business logic
For Airtable-specific setups, our Airtable with n8n integration guide walks you through a perfect real-world example.
Additional Tips for Secure Bearer Token Usage
- Rotate tokens regularly if the service supports it
- Store tokens in credentials or environment variables
- Do not expose tokens in node parameters if workflows will be shared
- Log responses but avoid saving full requests/responses that include tokens
Here’s a quick comparison table to summarize methods for adding bearer tokens in n8n:
| Method | Pros | Cons |
|---|---|---|
| Hardcoding in header | Quick and easy | Not secure, not reusable |
| Environment variables | More secure for self-hosted setups | Requires config access |
| Using Custom Credentials | Secure and shareable | Slightly longer setup time |
You can mix methods depending on whether your workflow is for testing or production use.
FAQ
What happens if my bearer token expires?
You’ll receive a 401 Unauthorized response in n8n. Some APIs (like OAuth2) support refresh tokens, but for static tokens, you must manually update your token in your workflow.
Can I reuse bearer tokens across nodes?
Yes, but it’s best to store the token in a variable or credential. Then you can reference it in multiple nodes without duplication.
Is bearer auth better than OAuth2?
OAuth2 offers more control and is ideal for user-level permissions, but bearer tokens are much faster to implement, especially with API keys or service-level access.
How can I hide tokens in n8n?
Store them in credentials or environment variables. Avoid typing them directly into fields, especially if you plan to share or export the workflow.
Are there alternative auth methods in n8n?
Yes. n8n supports basic auth, OAuth2, API keys passed through query parameters, header authentication, and custom credential types. If you're interested in headers, this header auth guide is a great next step.
Bearer tokens are powerful and easy to use once you understand how to handle them securely. Whether you're triggering workflows, integrating APIs, or building agents, follow this n8n bearer auth guide to level up your automation securely and efficiently.